This Trojan can connect to Internet Relay Chat sevrer and receives instructions through IRC port.

Technical Details

This UPX-packed Trojan opens TCP/IP port 30005. Thus, an attacker can open, run and delete the local system user's file. Windows can also be affected.
The Trojan copies itself in Windows directory as traywnd.exe and makes the registry autostart entry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion_ \Run "Taskschd" = %WINDIR%\traywnd

Other versions of the Trojan copy themselves in ´Litmus' folder of Windows directory (with various names) and make similar registry entries.

The source of this backdoor is available for hackers in many versions. So, some of the versions can be found under different names by other AV programs.